The idea is, that you can generate a vanity address without even knowing what private key it will actually belong to. One party grabs a random ECDSA keypair and saves the private key for themselves. They later can issue a request for a vanity address to be created, by supplying the public key form that keypair, their desired pattern and so forth. A person takes with looking for the vanity address is required to brute force random ECDSA private keys, get their corresponding public keys, add them to the provided public key, and proceed normally with SHA, RIPEMD and base58 until they receive the desired pattern. Then they give the private key they found to the first person, which adds the two private keys in order to get their vanity address. The best thing about it - the person looking for the solution won't know what the resulting private key is! This means that you can outsource your vanity key generation without needing to trust any third party.

An example (available from gobittest website):We have a private key:18E14A7B6A307F426A94F8114701E7C8E774E7F9A47E2C2035DB29A206321725which maps to public key:0450863AD64A87AE8A2FE83C1AF1A8403CB53F53E486D8511DAD8A04887E5B23522CD470243453A299FA9E77237716103ABC11A1DF38855ED6F2EE187E9C582BA6

and say we want to find a pattern "166". One of the solutions takes a form of a private keyB18427B169E86DE681A1A62588E1D02AE4A7E83C1B413849989A76282A7B562Fmapping to public key:049C95E0949E397FACCECF0FE8EAD247E6FD082717E4A4A876049FB34A9ADED110DFEA2EF691CC4A1410498F4C312F3A94318CD5B6F0E8E92051064876751C8404

If we add the two public keys (like the person looking for the solution would do), we get a public key:0436970CE32E14DC06AC50217CDCF53E628B32810707080D6848D9C8D4BE9FE461E100E705CCA9854436A1283210CCEFBB6B16CB9A86B009488922A8F302A27487which is equivalent to this address:166ev9JXn2rFqiPSQAwM7qJYpNL1JrNf3h

If we add the two private keys (like the person requesting the address would), we get:CA65722CD418ED28EC369E36CFE3B7F3CC1CD035BFBF6469CE759FCA30AD6D54which maps to the same public key as the sum of the public keys, and thus - to the same address.

Since this is a model that requires basically no trust from any party, I've decided to create this "Vanity Pool" to enable people to easily outsource their vanity address creation, as well as enable people wanting to earn some Bitcoins to use their machines for something different from traditional mining.

The main problem currently, is that there is no software to support mining for such split addresses, and combining them offline. If someone wants to commit to creating such a software, it would be great!

For the time being, the website is up for testing only on testnet. From that I can see there are still some bugs in the system, but it should work as expected.

Any comments, suggestions?

EDIT 1:I've created a simple split vanity miner software in Google Go (if you're wondering why I used this weird language - I've been developing Bitcoin-related apps in it for a year for my master thesis). The source code and a Mac executable is available here:https://github.com/ThePiachu/Split-Vanity-Miner-GolangIt is quite slow, checking a couple hundred addresses on my old Macbook Pro, but it can solve some reasonably short patterns. The software is streamlined for the vanity pool, you only need to change the given testnet Bitcoin address to yours and it will do most of the work. It fetches work only during the start, so keep that in mind if you want to run it for longer.

I mean INVEST... like if you've solved this problem, someone needs to be throwing money at you to buy hardware and further develop this proprietary software for a promise in sharing future profits. Maybe I'm wrong, but I see a big demand for this kind of service as Bitcoin awareness spreads.

The pool is running on Google App Engine and my Bitcoind runs on Amazon EC2, so my hardware costs are non-existant. As for software, I probably can create some basic solutions easily enough with enough time and put up some bounties for more sophisticated ones.

I'm generally not that much of a business type, so trying to handle possible investments could only hamper this little project for now. What sort of model of investing did you have in mind?

I dunno, I'm not much of a business person either. But I would imagine some type of stock issuance would be a start. But that would require some kind of incorporation and like you said, probably a huge hindrance to you at this point.

For now, I'm happy to send you some Bitcoins when I have some time to try out the service.

I mean INVEST... like if you've solved this problem, someone needs to be throwing money at you to buy hardware and further develop this proprietary software for a promise in sharing future profits. Maybe I'm wrong, but I see a big demand for this kind of service as Bitcoin awareness spreads.

Kudos to ThePiachu but it's not like he invented anything new. The theoretical basis for outsourcing vanity address generation has existed for a while and he just started a project to get the ball rolling. One way or another this will end up as a FLOSS platform so there's not much monetization potential.

One way or another this will end up as a FLOSS platform so there's not much monetization potential.

There's more to it than software. The key to success for a business venture like this will be the backend hardware that allows for mass production and fulfilment.

ThePiachu's point is to create a pool for other miners to participate in, not (or not only) to do the mining himself. Running a mining pool is distinct from running mining hardware, which itself is distinct from developing hardware.

This is cool, now all we need is oclvanitygen to support this so that we can use all the video cards that will soon be obsolete now that ASICs are coming along.

Well, this might be viable if suddenly a lot of people would want really fancy addresses and they were willing to pay up for them. It probably won't happen, but it might encourage a few people to go for a vanity address that normally wouldn't.

and say we want to find a pattern "166". One of the solutions takes a form of a private keyB18427B169E86DE681A1A62588E1D02AE4A7E83C1B413849989A76282A7B562Fmapping to public key:049C95E0949E397FACCECF0FE8EAD247E6FD082717E4A4A876049FB34A9ADED110DFEA2EF691CC4A1410498F4C312F3A94318CD5B6F0E8E92051064876751C8404

Sorry for my terrible math, but how is that private key a solution to the pattern "166"? That private key makes the address 12gFLYWpfnDTQ3JB5w5VDPpF5JQZnA1g1c it doesn't have 166 in it. The math doesn't lie and if you add the two private keys together you do get an address with "166" in it, but where did this one come from? How would one do this with vanitygen?

and say we want to find a pattern "166". One of the solutions takes a form of a private keyB18427B169E86DE681A1A62588E1D02AE4A7E83C1B413849989A76282A7B562Fmapping to public key:049C95E0949E397FACCECF0FE8EAD247E6FD082717E4A4A876049FB34A9ADED110DFEA2EF691CC4A1410498F4C312F3A94318CD5B6F0E8E92051064876751C8404

Sorry for my terrible math, but how is that private key a solution to the pattern "166"? That private key makes the address 12gFLYWpfnDTQ3JB5w5VDPpF5JQZnA1g1c it doesn't have 166 in it. The math doesn't lie and if you add the two private keys together you do get an address with "166" in it, but where did this one come from? How would one do this with vanitygen?

When you add18E14A7B6A307F426A94F8114701E7C8E774E7F9A47E2C2035DB29A206321725and B18427B169E86DE681A1A62588E1D02AE4A7E83C1B413849989A76282A7B562Ftheir sum becomesCA65722CD418ED28EC369E36CFE3B7F3CC1CD035BFBF6469CE759FCA30AD6D54which maps to 166ev9JXn2rFqiPSQAwM7qJYpNL1JrNf3h

Currently you can't do these operations with vanitygen, but I'll look into making a tool for the generation soon.

Basically, one would need to make a modified vanitygen that would add a predefined public key to a generated keypair before proceeding with calculating the Bitcoin address. It's a fairly simple modification, but I'm not fluent enough in vanitygen's source code to make it.

Our family was terrorized by Homeland Security. Read all about it here: http://www.jmwagner.com/ and http://www.burtw.com/ Any donations to help us recover from the $300,000 in legal fees and forced donations to the Federal Asset Forfeiture slush fund are greatly appreciated!

Is there some way to charge based on how long the key took to find? Like what if you set the price equal to whatever you would made mining BTC?

For now the service doesn't charge based on key length. It can be implemented if there is a need for it. I'd have to benchmark some split-vanity-mining software on some various hardware first in order to determine how much should one be charging. I've done it for normal vanity mining (details will be available in my master thesis that I'll probably post on the forum eventually).

Personally, I'd have to first check whether looking for multiple keys at the same time will slow the process down considerably, or will it not be too noticeable.Generally I'd like to leave a lot of freedom to the miners to discriminate themselves which tasks pay enough for them to undertake them (this is why the bounty is listed along with the task).